Use knowledge of your network and the threat landscape to align remediation with your biggest risks
Your approach to vulnerability management may be putting your organization at greater risk. Just dealing with vulnerabilities that a vendor said were "critical" isn't enough and may still leave you susceptible to an...

Today, vulnerability management is a critical aspect of every enterprise's security program. Just a single vulnerability can be exploited by a attacker and enable an entry point to the network, and most large enterprises have hundreds of thousands of vulnerabilities on their network.
Paradoxically, 90 percent of...

The Payment Card Industry (PCI) established the Data Security Standard (DSS) in order to reduce the risk organizations and consumers face in relation to credit card fraud, hacking and various other security issues. A company processing, storing or transmitting credit card numbers must be PCI DSS compliant or it risks...

As cloud computing services evolve, the cloud opens up entirely new ways for potential attacks. Cloud systems and images have operating system and component vulnerabilities just like those in the enterprise. For example, Heartbleed, Shellshock and other major bugs can affect cloud systems, and there are new issues to...

Adoption of the new General Data Protection Regulation (GDPR) is motivating organizations worldwide to improve existing technical controls for securing personal information. Organizations should be especially aware that the GDPR and other recent legal developments amplify the negative repercussions of a data security...

Vulnerability scanning, or the process of identifying a list of known security gaps in the network environment, is the focal point for most enterprise vulnerability management programs. The use of vulnerability scanners as security assessment tools is nearly ubiquitous in large organizations. However, as network...

Automated change workflow is essential for any enterprise or government IT organization. A typical organization may receive hundreds of changes required each month with every request requiring hours of manual analysis to assess the potential impact to business continuity and security.
A flaw in the way a change is...

Leading the latest edition of the ISMG Security Report: U.S. intelligence chiefs warn Congress that Russia's information operations continue, while Europol says criminals love cryptocurrencies, both for stealing via scams as well as to launder "dirty money."

Organizations in the Middle East and Central Asia are beginning to respond to the nuances of the evolving threat landscape in the region due to an explosion in its information and communications technology infrastructure, and this is changing the risk profile.
when addressing the advanced capabilities required to...

As we've already seen - even with IT security spending topping $80 billion in 2016 alone - the old approach to IT security isn't sufficient to stem the rising threat levels.
Download this eBook to learn five considerations to help you rethink your approach to IT security.
VMware and Intel transform security by...

After suffering one of the worst data breaches in history, in which 145.5 million U.S. consumers' personal details were stolen, credit bureau Equifax has hired Jamil Farshchi to serve as its new CISO. Farshchi joins from Home Depot, which hired him after suffering a massive data breach.

Hybrid cloud adoption is accelerating within the financial services industry and few organizations have a solid understanding of how to secure hybrid cloud.
Most companies employ an array of cloud services from an array of providers, each with its own set of security controls, frameworks and products that increase...

Concerns are already being raised about a law passed by Singapore's parliament Monday that establishes an information sharing platform by appointing a commissioner of cybersecurity to obtain confidential information from owners of critical information infrastructure about their security postures.

Chances are every channel accessed in your company by employees and customers has a different authentication process. Understanding why companies need to unify the multi-factor authentication (MFA) experience to improve security assurance and user experience is an essential aspect of empowering users to be more in...